SSL vs. IPsec: which is right for your VPN?

Monday, 23 February 2004, 3:30 AM EST

Today, more and more organizations are using VPNs as a low-cost means of providing remote users secure access to corporate networks. VPNs provide leased line security using the inexpensive public Internet. VPNs maintain their high degree of security by using special encryption, authentication, and/or encapsulation techniques.

IT managers essentially have two choices when it comes to VPN technology: They can either deploy IPsec (Internet Protocol Security) clients on notebooks, desktops, and mobile devices, or they can choose an SSL (Secure Sockets Layer) solution that lets companies take advantage of pre-existing technologies, as it utilizes the encryption capabilities already built in to all contemporary Web browsers. Both solutions have their pros and cons, so selecting the best one for your needs can be confusing. Before deciding which one is right for your organization, itís important to understand how both technologies work to secure a VPN.

Spotlight

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

A critical vulnerability in ANTlabs InnGate devices, a popular Internet gateway for visitor-based networks and commonly installed in hotels and convention centers, has been discovered. The flaw could allow an attacker to monitor or tamper with traffic to and from any hotel WiFi user's connection.

In this interview, Raj Samani, VP and CTO EMEA at Intel Security, talks about successful information security strategies aimed at the critical infrastructure, government challenges, the role of regulation, and more.